
/htdocs/yurivn/admincp/modlog.php

https://gitlab.com/trang1104/portable_project
  1<?php
  2/*======================================================================*\
  3|| #################################################################### ||
  4|| # vBulletin 4.2.2 Alpha 1 - Licence Number VBFSA2W3VC
  5|| # ---------------------------------------------------------------- # ||
   6|| # Copyright ©2000-2013 vBulletin Solutions Inc. All Rights Reserved. ||
  7|| # This file may not be redistributed in whole or significant part. # ||
  8|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
  9|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
 10|| #################################################################### ||
 11\*======================================================================*/
 12
 13// ######################## SET PHP ENVIRONMENT ###########################
 14error_reporting(E_ALL & ~E_NOTICE);
 15
 16// ##################### DEFINE IMPORTANT CONSTANTS #######################
 17define('CVS_REVISION', '$RCSfile$ - $Revision: 42666 $');
 18
 19// #################### PRE-CACHE TEMPLATES AND DATA ######################
 20$phrasegroups = array('logging', 'threadmanage');
 21$specialtemplates = array();
 22
 23// ########################## REQUIRE BACK-END ############################
 24require_once('./global.php');
 25require_once(DIR . '/includes/functions_log_error.php');
 26
 27// ############################# LOG ACTION ###############################
 28if (!can_administer('canadminmodlog'))
 29{
 30	print_cp_no_permission();
 31}
 32
 33log_admin_action();
 34
 35// ########################################################################
 36// ######################### START MAIN SCRIPT ############################
 37// ########################################################################
 38
 39print_cp_header($vbphrase['moderator_log']);
 40
 41if (empty($_REQUEST['do']))
 42{
 43	$_REQUEST['do'] = 'choose';
 44}
 45
 46// ###################### Start view #######################
 47if ($_REQUEST['do'] == 'view')
 48{
 49	$vbulletin->input->clean_array_gpc('r', array(
 50		'perpage'    => TYPE_UINT,
 51		'pagenumber' => TYPE_UINT,
 52		'userid'     => TYPE_UINT,
 53		'modaction'  => TYPE_STR,
 54		'orderby'    => TYPE_NOHTML,
 55		'product'    => TYPE_STR,
 56		'startdate'  => TYPE_UNIXTIME,
 57		'enddate'    => TYPE_UNIXTIME,
 58	));
 59
 60	$princids = array(
 61		'poll_question'    => $vbphrase['question'],
 62		'post_title'       => $vbphrase['post'],
 63		'thread_title'     => $vbphrase['thread'],
 64		'forum_title'      => $vbphrase['forum'],
 65		'attachment_title' => $vbphrase['attachment'],
 66	);
 67
 68	$sqlconds = array();
 69	$hook_query_fields = $hook_query_joins = '';
 70
 71	if ($vbulletin->GPC['perpage'] < 1)
 72	{
 73		$vbulletin->GPC['perpage'] = 15;
 74	}
 75
 76	if ($vbulletin->GPC['userid'] OR $vbulletin->GPC['modaction'])
 77	{
 78		if ($vbulletin->GPC['userid'])
 79		{
 80			$sqlconds[] = "moderatorlog.userid = " . $vbulletin->GPC['userid'];
 81		}
 82		if ($vbulletin->GPC['modaction'])
 83		{
 84			$sqlconds[] = "moderatorlog.action LIKE '%" . $db->escape_string_like($vbulletin->GPC['modaction']) . "%'";
 85		}
 86	}
 87
 88	if ($vbulletin->GPC['startdate'])
 89	{
 90		$sqlconds[] = "moderatorlog.dateline >= " . $vbulletin->GPC['startdate'];
 91	}
 92
 93	if ($vbulletin->GPC['enddate'])
 94	{
 95 		$sqlconds[] = "moderatorlog.dateline <= " . $vbulletin->GPC['enddate'];
 96	}
 97
 98	if ($vbulletin->GPC['product'])
 99	{
100		if ($vbulletin->GPC['product'] == 'vbulletin')
101		{
102			$sqlconds[] = "moderatorlog.product IN ('', 'vbulletin')";
103		}
104		else
105		{
106			$sqlconds[] = "moderatorlog.product = '" . $db->escape_string($vbulletin->GPC['product']) . "'";
107		}
108	}
109
110	($hook = vBulletinHook::fetch_hook('admin_modlogviewer_query')) ? eval($hook) : false;
111
112	$counter = $db->query_first("
113		SELECT COUNT(*) AS total
114		FROM " . TABLE_PREFIX . "moderatorlog AS moderatorlog
115		" . (!empty($sqlconds) ? "WHERE " . implode("\r\n\tAND ", $sqlconds) : "") . "
116	");
117	$totalpages = ceil($counter['total'] / $vbulletin->GPC['perpage']);
118
119	if ($vbulletin->GPC['pagenumber'] < 1)
120	{
121		$vbulletin->GPC['pagenumber'] = 1;
122	}
123	$startat = ($vbulletin->GPC['pagenumber'] - 1) * $vbulletin->GPC['perpage'];
124
125	switch($vbulletin->GPC['orderby'])
126	{
127		case 'user':
128			$order = 'username ASC, dateline DESC';
129			break;
130		case 'modaction':
131			$order = 'action ASC, dateline DESC';
132			break;
133		case 'date':
134		default:
135			$order = 'dateline DESC';
136	}
137
138	$logs = $db->query_read("
139		SELECT moderatorlog.*, user.username,
140			post.title AS post_title, forum.title AS forum_title, thread.title AS thread_title, poll.question AS poll_question, attachment.filename AS attachment_title
141			$hook_query_fields
142		FROM " . TABLE_PREFIX . "moderatorlog AS moderatorlog
143		LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = moderatorlog.userid)
144		LEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = moderatorlog.postid)
145		LEFT JOIN " . TABLE_PREFIX . "forum AS forum ON (forum.forumid = moderatorlog.forumid)
146		LEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = moderatorlog.threadid)
147		LEFT JOIN " . TABLE_PREFIX . "poll AS poll ON (poll.pollid = moderatorlog.pollid)
148		LEFT JOIN " . TABLE_PREFIX . "attachment AS attachment ON (attachment.attachmentid = moderatorlog.attachmentid)
149		$hook_join_fields
150		" . (!empty($sqlconds) ? "WHERE " . implode("\r\n\tAND ", $sqlconds) : "") . "
151		ORDER BY $order
152		LIMIT $startat, " . $vbulletin->GPC['perpage'] . "
153	");
154
155	if ($db->num_rows($logs))
156	{
157		$vbulletin->GPC['modaction'] = htmlspecialchars_uni($vbulletin->GPC['modaction']);
158
159		if ($vbulletin->GPC['pagenumber'] != 1)
160		{
161			$prv = $vbulletin->GPC['pagenumber'] - 1;
162			$firstpage = "<input type=\"button\" class=\"button\" value=\"&laquo; " . $vbphrase['first_page'] . "\" tabindex=\"1\" onclick=\"window.location='modlog.php?" . $vbulletin->session->vars['sessionurl'] . "do=view&modaction=" . $vbulletin->GPC['modaction'] . "&u=" . $vbulletin->GPC['userid'] . "&pp=" . $vbulletin->GPC['perpage'] . "&orderby=" . $vbulletin->GPC['orderby'] . "&page=1'\">";
163			$prevpage = "<input type=\"button\" class=\"button\" value=\"&lt; " . $vbphrase['prev_page'] . "\" tabindex=\"1\" onclick=\"window.location='modlog.php?" . $vbulletin->session->vars['sessionurl'] . "do=view&modaction=" . $vbulletin->GPC['modaction'] . "&u=" . $vbulletin->GPC['userid'] . "&pp=" . $vbulletin->GPC['perpage'] . "&orderby=" . $vbulletin->GPC['orderby'] . "&page=$prv'\">";
164		}
165
166		if ($vbulletin->GPC['pagenumber'] != $totalpages)
167		{
168			$nxt = $vbulletin->GPC['pagenumber'] + 1;
169			$nextpage = "<input type=\"button\" class=\"button\" value=\"" . $vbphrase['next_page'] . " &gt;\" tabindex=\"1\" onclick=\"window.location='modlog.php?" . $vbulletin->session->vars['sessionurl'] . "do=view&modaction=" . $vbulletin->GPC['modaction'] . "&u=" . $vbulletin->GPC['userid'] . "&pp=" . $vbulletin->GPC['perpage'] . "&orderby=" . $vbulletin->GPC['orderby'] . "&page=$nxt'\">";
170			$lastpage = "<input type=\"button\" class=\"button\" value=\"" . $vbphrase['last_page'] . " &raquo;\" tabindex=\"1\" onclick=\"window.location='modlog.php?" . $vbulletin->session->vars['sessionurl'] . "do=view&modaction=" . $vbulletin->GPC['modaction'] . "&u=" . $vbulletin->GPC['userid'] . "&pp=" . $vbulletin->GPC['perpage'] . "&orderby=" . $vbulletin->GPC['orderby'] . "&page=$totalpages'\">";
171		}
172
173		print_form_header('modlog', 'remove');
174		print_description_row(construct_link_code($vbphrase['restart'], "modlog.php?" . $vbulletin->session->vars['sessionurl'] . ""), 0, 6, 'thead', vB_Template_Runtime::fetchStyleVar('right'));
175		print_table_header(construct_phrase($vbphrase['moderator_log_viewer_page_x_y_there_are_z_total_log_entries'], vb_number_format($vbulletin->GPC['pagenumber']), vb_number_format($totalpages), vb_number_format($counter['total'])), 6);
176
177		$headings = array();
178		$headings[] = $vbphrase['id'];
179		$headings[] = "<a href=\"modlog.php?" . $vbulletin->session->vars['sessionurl'] . "do=view&modaction=" . $vbulletin->GPC['modaction'] . "&u=" . $vbulletin->GPC['userid'] . "&pp=" . $vbulletin->GPC['perpage'] . "&orderby=user&page=" . $vbulletin->GPC['pagenumber'] . "\">" . str_replace(' ', '&nbsp;', $vbphrase['username']) . "</a>";
180		$headings[] = "<a href=\"modlog.php?" . $vbulletin->session->vars['sessionurl'] . "do=view&modaction=" . $vbulletin->GPC['modaction'] . "&u=" . $vbulletin->GPC['userid'] . "&pp=" . $vbulletin->GPC['perpage'] . "&orderby=date&page=" . $vbulletin->GPC['pagenumber'] . "\">" . $vbphrase['date'] . "</a>";
181		//$headings[] = "<a href=\"modlog.php?" . $vbulletin->session->vars['sessionurl'] . "do=view&modaction=" . $vbulletin->GPC['modaction'] . "&u=" . $vbulletin->GPC['userid'] . "&pp=" . $vbulletin->GPC['perpage'] . "&orderby=modaction&page=" . $vbulletin->GPC['pagenumber'] . "\">" . $vbphrase['action'] . "</a>";
182		$headings[] = $vbphrase['action'];
183		$headings[] = $vbphrase['info'];
184		$headings[] = str_replace(' ', '&nbsp;', $vbphrase['ip_address']);
185		print_cells_row($headings, 1);
186
187		while ($log = $db->fetch_array($logs))
188		{
189			$cell = array();
190			$cell[] = $log['moderatorlogid'];
191			$cell[] = "<a href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&u=$log[userid]\"><b>$log[username]</b></a>";
192			$cell[] = '<span class="smallfont">' . vbdate($vbulletin->options['logdateformat'], $log['dateline']) . '</span>';
193
194			if ($log['type'])
195			{
196				$phrase = fetch_modlogactions($log['type']);
197
198				if ($unserialized = unserialize($log['action']))
199				{
200					array_unshift($unserialized, $vbphrase["$phrase"]);
201					$log['action'] = call_user_func_array('construct_phrase', $unserialized);
202				}
203				else
204				{
205					$log['action'] = construct_phrase($vbphrase["$phrase"], $log['action']);
206				}
207			}
208
209			if ($log['thread_title'] == '' AND $log['threadtitle'] != '')
210			{
211				$log['thread_title'] =& $log['threadtitle'];
212			}
213
214			$cell[] = $log['action'];
215
216			($hook = vBulletinHook::fetch_hook('admin_modlogviewer_query_loop')) ? eval($hook) : false;
217
218			$celldata = '';
219			reset($princids);
220			foreach ($princids AS $sqlfield => $output)
221			{
222				if ($sqlfield == 'post_title' AND $log['post_title'] == '' AND !empty($log['postid']))
223				{
224					$log['post_title'] = $vbphrase['untitled'];
225				}
226
227				if ($log["$sqlfield"])
228				{
229					if ($celldata)
230					{
231						$celldata .= "<br />\n";
232					}
233					$celldata .= "<b>$output:</b> ";
234					switch($sqlfield)
235					{
236						case 'post_title':
237							$celldata .= construct_link_code($log["$sqlfield"], 
238								fetch_seo_url('thread|bburl', $log, array('p' => $log['postid']), 'threadid', 'thread_title') . "#post$log[postid]",
239								true);
240							break;
241						case 'thread_title':
242							$celldata .= construct_link_code($log["$sqlfield"], 
243								fetch_seo_url('thread|bburl', $log, null, 'threadid', 'thread_title'), true);
244							break;
245						case 'forum_title':
246							$celldata .= construct_link_code($log["$sqlfield"], 
247								fetch_seo_url('forum|bburl', $log, null, 'forumid', 'forum_title'), true);
248							break;
249						case 'attachment_title':
250							$celldata .= construct_link_code(htmlspecialchars_uni($log["$sqlfield"]), "../attachment.php?" . $vbulletin->session->vars['sessionurl'] . "attachmentid=$log[attachmentid]&amp;nocache=" . TIMENOW, true);
251							break;
252						default:
253							$handled = false;
254							($hook = vBulletinHook::fetch_hook('admin_modlogviewer_query_linkfield')) ? eval($hook) : false;
255							if (!$handled)
256							{
257								$celldata .= $log["$sqlfield"];
258							}
259					}
260				}
261			}
262
263			$cell[] = $celldata;
264
265			$cell[] = '<span class="smallfont">' . iif($log['ipaddress'], "<a href=\"usertools.php?" . $vbulletin->session->vars['sessionurl'] . "do=gethost&ip=$log[ipaddress]\">$log[ipaddress]</a>", '&nbsp;') . '</span>';
266
267			print_cells_row($cell, 0, 0, -4);
268		}
269
270		print_table_footer(6, "$firstpage $prevpage &nbsp; $nextpage $lastpage");
271	}
272	else
273	{
274		print_stop_message('no_results_matched_your_query');
275	}
276}
277
// ###################### Start prune log #######################
// Step one of pruning: count the entries that match the filters and ask the
// administrator to confirm. Nothing is deleted in this section.
if (
	$_REQUEST['do'] == 'prunelog'
	&& can_access_logs($vbulletin->config['SpecialUsers']['canpruneadminlog'], 0, '<p>' . $vbphrase['control_panel_log_pruning_permission_restricted'] . '</p>')
) {
	$vbulletin->input->clean_array_gpc('r', array(
		'daysprune' => TYPE_UINT,
		'userid'    => TYPE_UINT,
		'modaction' => TYPE_STR,
		'product'   => TYPE_STR,
	));

	// Cut-off timestamp, 86400 seconds per requested day. A daysprune of 0
	// makes the cut-off equal to TIMENOW.
	$datecut = TIMENOW - (86400 * $vbulletin->GPC['daysprune']);

	// The date condition is always present, so the WHERE clause is never empty.
	$sqlconds = array("dateline < $datecut");

	if ($vbulletin->GPC['userid']) {
		// TYPE_UINT value, concatenated without quoting.
		$sqlconds[] = "userid = " . $vbulletin->GPC['userid'];
	}

	if ($vbulletin->GPC['modaction']) {
		$sqlconds[] = "action LIKE '%" . $db->escape_string_like($vbulletin->GPC['modaction']) . "%'";
	}

	if ($vbulletin->GPC['product']) {
		// 'vbulletin' also matches entries logged with an empty product.
		$sqlconds[] = ($vbulletin->GPC['product'] == 'vbulletin')
			? "product IN ('', 'vbulletin')"
			: "product = '" . $db->escape_string($vbulletin->GPC['product']) . "'";
	}

	$logs = $db->query_first("
		SELECT COUNT(*) AS total
		FROM " . TABLE_PREFIX . "moderatorlog
		WHERE " . implode("\r\n\tAND ", $sqlconds) . "
	");

	if (!$logs['total']) {
		print_stop_message('no_logs_matched_your_query');
	} else {
		// Confirmation form: the computed cut-off and the filters are handed to
		// the 'doprunelog' step as hidden fields.
		print_form_header('modlog', 'doprunelog');
		construct_hidden_code('datecut', $datecut);
		construct_hidden_code('modaction', $vbulletin->GPC['modaction']);
		construct_hidden_code('userid', $vbulletin->GPC['userid']);
		construct_hidden_code('product', $vbulletin->GPC['product']);
		print_table_header($vbphrase['prune_moderator_log']);
		print_description_row(construct_phrase($vbphrase['are_you_sure_you_want_to_prune_x_log_entries_from_moderator_log'], vb_number_format($logs['total'])));
		print_submit_row($vbphrase['yes'], 0, 0, $vbphrase['no']);
	}
}
334
// ###################### Start do prune log #######################
// Step two of pruning: delete the matching moderator-log entries. The action
// is read from $_POST only, so a GET request cannot reach the DELETE, and the
// prune permission is checked again here rather than trusted from step one.
if (
	$_POST['do'] == 'doprunelog'
	&& can_access_logs($vbulletin->config['SpecialUsers']['canpruneadminlog'], 0, '<p>' . $vbphrase['control_panel_log_pruning_permission_restricted'] . '</p>')
) {
	// The cut-off and filters arrive as posted form fields and are cleaned
	// again; datecut is used as submitted, not recomputed from a day count.
	$vbulletin->input->clean_array_gpc('p', array(
		'datecut'   => TYPE_UINT,
		'modaction' => TYPE_STR,
		'userid'    => TYPE_UINT,
		'product'   => TYPE_STR,
	));

	// The date condition is always present, so the WHERE clause is never empty.
	$sqlconds = array("dateline < " . $vbulletin->GPC['datecut']);

	if ($vbulletin->GPC['modaction']) {
		$sqlconds[] = "action LIKE '%" . $db->escape_string_like($vbulletin->GPC['modaction']) . "%'";
	}

	if ($vbulletin->GPC['userid']) {
		// TYPE_UINT value, concatenated without quoting.
		$sqlconds[] = "userid = " . $vbulletin->GPC['userid'];
	}

	if ($vbulletin->GPC['product']) {
		// 'vbulletin' also matches entries logged with an empty product.
		$sqlconds[] = ($vbulletin->GPC['product'] == 'vbulletin')
			? "product IN ('', 'vbulletin')"
			: "product = '" . $db->escape_string($vbulletin->GPC['product']) . "'";
	}

	$db->query_write("
		DELETE FROM " . TABLE_PREFIX . "moderatorlog
		WHERE " . implode("\r\n\tAND ", $sqlconds) . "
	");

	// Redirect target for the stop message: back to the filter form.
	define('CP_REDIRECT', 'modlog.php?do=choose');
	print_stop_message('pruned_moderator_log_successfully');
}
374
// ###################### Start modify #######################
// Default screen: the filter form for viewing the log and, for accounts that
// may prune, a second form that starts the pruning flow.
if ($_REQUEST['do'] == 'choose') {
	// Drop-down of every user with at least one log entry, preceded by an
	// "all entries" option.
	$userlist = array('no_value' => $vbphrase['all_log_entries']);
	$users = $db->query_read("
		SELECT DISTINCT moderatorlog.userid, user.username
		FROM " . TABLE_PREFIX . "moderatorlog AS moderatorlog
		INNER JOIN " . TABLE_PREFIX . "user AS user USING(userid)
		ORDER BY username
	");
	while ($user = $db->fetch_array($users)) {
		$userlist[$user['userid']] = $user['username'];
	}

	// --- View form ---
	print_form_header('modlog', 'view');
	print_table_header($vbphrase['moderator_log_viewer']);
	print_input_row($vbphrase['log_entries_to_show_per_page'], 'perpage', 15);
	print_select_row($vbphrase['show_only_entries_generated_by'], 'userid', $userlist);
	print_time_row($vbphrase['start_date'], 'startdate', 0, 0);
	print_time_row($vbphrase['end_date'], 'enddate', 0, 0);

	// The product selector is shown only when more than one product is listed.
	$products = fetch_product_list();
	if (count($products) > 1) {
		print_select_row($vbphrase['product'], 'product', array('' => $vbphrase['all_products']) + $products);
	}

	print_select_row($vbphrase['order_by'], 'orderby', array('date' => $vbphrase['date'], 'user' => $vbphrase['username']), 'date');
	print_submit_row($vbphrase['view'], 0);

	// --- Prune form ---
	// Hiding the form is a convenience only: the 'prunelog' and 'doprunelog'
	// sections call can_access_logs() again before acting.
	if (can_access_logs($vbulletin->config['SpecialUsers']['canpruneadminlog'], 0, '')) {
		print_form_header('modlog', 'prunelog');
		print_table_header($vbphrase['prune_moderator_log']);
		print_select_row($vbphrase['remove_entries_logged_by_user'], 'userid', $userlist);
		if (count($products) > 1) {
			print_select_row($vbphrase['product'], 'product', array('' => $vbphrase['all_products']) + $products);
		}
		print_input_row($vbphrase['remove_entries_older_than_days'], 'daysprune', 30);
		print_submit_row($vbphrase['prune_log_entries'], 0);
	}
}

print_cp_footer();
419
420/*======================================================================*\
421|| ####################################################################
422|| # Downloaded: 03:13, Sat Sep 7th 2013
423|| # CVS: $RCSfile$ - $Revision: 42666 $
424|| ####################################################################
425\*======================================================================*/
426?>